package org.example.src.controller;

import org.example.src.dto.request.StudentProfileRequest;
import org.example.src.dto.response.ApiResponse;
import org.example.src.dto.response.StudentProfileResponse;
import org.example.src.entity.Student;
import org.example.src.service.StudentService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import jakarta.validation.Valid;
import java.util.List;

@RestController
@RequestMapping("/api/students")
@CrossOrigin(origins = "*")
public class StudentController extends BaseController {

    @Autowired
    private StudentService studentService;

    @GetMapping
    @PreAuthorize("hasAnyRole('ADMIN', 'TEACHER')")
    public ResponseEntity<ApiResponse<List<Student>>> getAllStudents() {
        List<Student> students = studentService.findAllStudents();
        return success(students);
    }

    @GetMapping("/{id}")
    @PreAuthorize("hasAnyRole('ADMIN', 'TEACHER') or (hasRole('STUDENT') and #id == authentication.principal.id)")
    public ResponseEntity<ApiResponse<Student>> getStudentById(@PathVariable Long id) {
        Student student = studentService.findStudentById(id);
        if (student == null) {
            return notFound("学生未找到");
        }
        return success(student);
    }

    @GetMapping("/student-id/{studentId}")
    @PreAuthorize("hasAnyRole('ADMIN', 'TEACHER')")
    public ResponseEntity<ApiResponse<Student>> getStudentByStudentId(@PathVariable String studentId) {
        Student student = studentService.findStudentByStudentId(studentId);
        if (student == null) {
            return notFound("学生未找到");
        }
        return success(student);
    }

    @PostMapping
    @PreAuthorize("hasRole('ADMIN')")
    public ResponseEntity<ApiResponse<Student>> createStudent(@Valid @RequestBody Student student) {
        Student createdStudent = studentService.createStudent(student);
        return created(createdStudent);
    }

    @PutMapping("/{id}")
    @PreAuthorize("hasAnyRole('ADMIN') or (hasRole('STUDENT') and #id == authentication.principal.id)")
    public ResponseEntity<ApiResponse<Student>> updateStudent(@PathVariable Long id, @Valid @RequestBody Student student) {
        Student updatedStudent = studentService.updateStudent(id, student);
        if (updatedStudent == null) {
            return notFound("学生未找到");
        }
        return success("学生信息更新成功", updatedStudent);
    }

    @DeleteMapping("/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    public ResponseEntity<ApiResponse<Void>> deleteStudent(@PathVariable Long id) {
        studentService.deleteStudent(id);
        return noContent();
    }

    @PutMapping("/{id}/profile")
    @PreAuthorize("hasAnyRole('ADMIN') or (hasRole('STUDENT') and #id == authentication.principal.id)")
    public ResponseEntity<ApiResponse<StudentProfileResponse>> updateStudentProfile(@PathVariable Long id, @Valid @RequestBody StudentProfileRequest request) {
        try {
            StudentProfileResponse response = studentService.updateStudentProfile(id, request);
            return success("学生档案更新成功", response);
        } catch (Exception e) {
            return error("更新失败: " + e.getMessage());
        }
    }
}
